Hello, I am currently trying to use a CRS3xx device to act as a switch simply to allow 2 firewalls to resume it’s WAN connection should one fail. Basically 3 ports, 1 to the ISP, and the other 2 are used for each firewalls WAN port. I actually have a Juniper switch setup and it does work but we purchased this Mikrotik to take over the role but I am new to Mikrotik. This is what I would to have, first make sure the device has been secured out of the box and then as follows:
In my case would you recommend creating a separate bridge just for the ports then assign the VLAN under the bridge? This device will not be used in other manner, it is simply allowing 2 firewalls to share a ISP connection. I don’t want to over complicate things but also want to make sure I’m not exposing anything or jeopardizing our incoming connection by a poorly configured device.
The attachment is basically what I am trying to achieve.
I think you have the gist of it.
Very basic bridge with three ports
One VLAN that is untagged on all three ports
Add fourth untagged port to the bridge so that you can access the ISP if necessary ( not sure of the ISP device setup but may not be required) on the same vlan.
Add a fifth port off the bridge to configure the switch and make changes…
Assuming there is physical security, its not like a switch in an open office area.
Yes the switch itself is in a locked server room, I did try to already setup, I have been able to establish that if I ping the switch IP address, from any port 1-4,6 that I get a response. Moving into the ports 5,7-8 I break the communication which is good, however when I attempt to plug 2 devices into Ports 5,7-8 that I can’t get them to see one another, so I am obviously missing a step. I might need to go back I think I need to enable Vlan Filtering on the vlan.
Basically starting over, I missed a key step and that was first cleaning up the interfaces and bridge. So I removed all interfaces not part of the setup and disabled those ports, leaving me with just Ports 1,5,7,8 to work on the configuration.
